Filter
Versions
wolfSSLFault Injection of EdDSA signature in WolfCrypt
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
[SECURITY ADVISORY] curl: CVE-2024-2379: QUIC certificate check bypass with wolfSSL
First published (updated )
wolfSSLMarvin Attack vulnerability in SP Math All RSA
5.9
First published (updated )
wolfSSLTLS 1.3 client issue handling malicious server when not including a KSE and PSK extension
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
wolfSSLIn wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a …
9.1
First published (updated )
wolfSSLAn issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads…
5.3
First published (updated )
wolfSSLwolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the clien…
5.9
First published (updated )
wolfSSLAn issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, onl…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
wolfSSLAn issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server …
7.5
First published (updated )
wolfSSLwolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check f…
7.5
First published (updated )
wolfSSLIn wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentic…
7.5
First published (updated )
wolfSSLIn wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a…
6.5
First published (updated )
wolfSSLwolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
wolfSSLwolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant respons…
5.9
First published (updated )
wolfSSLwolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number i…
9.8
First published (updated )
wolfSSLIn wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-lev…
4.9
First published (updated )
wolfSSLDoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain an…
8.1
First published (updated )
wolfSSLRsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain rel…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
wolfSSLwolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls…
6.8
First published (updated )
wolfSSLAn issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message …
7.5
First published (updated )
wolfSSLAn issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS app…
5.3
First published (updated )
wolfSSLThe private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inver…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.